Mailinglist Archive: opensuse-bugs (5776 mails)
| < Previous | Next > |
[Bug 629549] New: ldap connects over TLS fail with self signed certificates
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Mon, 9 Aug 2010 13:45:53 +0000
- Message-id: <bug-629549-21960@xxxxxxxxxxxxxxxxxxxxxxxx/>
http://bugzilla.novell.com/show_bug.cgi?id=629549
http://bugzilla.novell.com/show_bug.cgi?id=629549#c0
Summary: ldap connects over TLS fail with self signed
certificates
Classification: openSUSE
Product: openSUSE 11.3
Version: Final
Platform: x86-64
OS/Version: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Network
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: volker@xxxxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---
User-Agent: Mozilla/5.0 (compatible; Konqueror/4.4; Linux) KHTML/4.4.4
(like Gecko) SUSE
Can not connect to ldap server over TLS when server uses self signed
certificate.
Ldap client accesses from 11.3 fail when using TLS.
For example:
ldapsearch -ZZ -h my.ldap.host.domain
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed
certificate in certificate chain)
The error message is probably referring to the CA certificate which resides in
/etc/ssl/certs/myown-ca.cert.pem on server side and which is self signed.
Other ldap client services like Yast-Ldap-Browser or Yast-User-Management give
the same error.
This problem does not occur with 11.2
Reproducible: Always
Steps to Reproduce:
1.
2.
3.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=629549#c0
Summary: ldap connects over TLS fail with self signed
certificates
Classification: openSUSE
Product: openSUSE 11.3
Version: Final
Platform: x86-64
OS/Version: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Network
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: volker@xxxxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---
User-Agent: Mozilla/5.0 (compatible; Konqueror/4.4; Linux) KHTML/4.4.4
(like Gecko) SUSE
Can not connect to ldap server over TLS when server uses self signed
certificate.
Ldap client accesses from 11.3 fail when using TLS.
For example:
ldapsearch -ZZ -h my.ldap.host.domain
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed
certificate in certificate chain)
The error message is probably referring to the CA certificate which resides in
/etc/ssl/certs/myown-ca.cert.pem on server side and which is self signed.
Other ldap client services like Yast-Ldap-Browser or Yast-User-Management give
the same error.
This problem does not occur with 11.2
Reproducible: Always
Steps to Reproduce:
1.
2.
3.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |